+- Avi Burra -- 4d -----------------------------------------------------------------------------------------------[...]+ | | | {"kind":1,"sig":"405e0f9335e698f7707d374805cbd614ac9ea5644542e56ac7e279c12087d7f54cfcf87ba541d3366cb2bff386ccd6acce3 | | c2249108676cc02d1d38e4d143acd","id":"3dc7a9255a2b52362904c23631a1f24d52dd86f7714cadedd4cb043707624331","tags":[["p", | | "9be0be0fc079548233231614e4e1efc9f28b0db398011efeecf05fe570e5dd33","wss:\/\/relay.damus.io","mention"],["p","20986fb | | 83e775d96d188ca5c9df10ce6d613e0eb7e5768a0f0b12b37cdac21b3","wss:\/\/relay.primal.net","mention"],["imeta","url | | https:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4","m | | video\/mp4","dim 384.0x848.0"],["imeta","url | | https:\/\/blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4","m | | video\/mp4","dim 384.0x848.0"],["imeta","url | | https:\/\/blossom.primal.net\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4","m | | video\/mp4","dim | | 384.0x848.0"]],"created_at":1777041374,"pubkey":"3129509e23d3a6125e1451a5912dbe01099e151726c4766b44e1ecb8c846f506"," | | content":"Took some time off from Nostr and when I came back was surprised that there were still no great options | | for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and | | you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, | | iOS users are not getting the full experience. \n\nThe reason why a signer doesn’t exist for iOS is that iOS kills | | backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio | | tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually.\n\nI’ve been | | working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, | | which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is | | content-free — can’t read requests, can’t sign anything.\nWhat works:\n\t•\tbunker:\/\/ and nostrconnect:\/\/ | | pairing (tested on some clients, works great with @YakiHonne and @Nostur \n\t•\tPer-client trust levels with | | per-kind overrides\n\t•\tFull NIP-46 method set (sign_event, nip04\/44 encrypt\/decrypt, etc)\n\t\nHeads up: push IS | | the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner | | spam for every auth.\n\nI’m looking for some help at this point. \n\nTesters. Use it, break it, tell me what’s | | confusing and which clients it chokes on.\n\nSecurity review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth | | being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I | | want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain\/NSE — | | please look at Shared\/LightCrypto.swift, LightSigner.swift, and the proxy registration flow.\n\nContributors. MIT. | | Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), | | self-hosting docs, more client testing.\n\nUse a throwaway nsec only for now. Don’t be a | | hero.\n\nhttps:\/\/github.com\/DocNR\/clave\n\nReply or DM if you’re interested in helping for a TestFlight invite — | | keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, | | fix them. | | \n\n\nhttps:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4\nhttps:\/\/ | | blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4\nhttps:\/\/blossom.primal.n | | et\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4"} | | | +-- reply --------------------------------------------------------------------------------------------------------- ---+{"kind":1,"sig":"405e0f9335e698f7707d374805cbd614ac9ea5644542e56ac7e279c12087d7f54cfcf87ba541d3366cb2bff386ccd6acce3c2249108676cc02d1d38e4d143acd","id":"3dc7a9255a2b52362904c23631a1f24d52dd86f7714cadedd4cb043707624331","tags":[["p","9be0be0fc079548233231614e4e1efc9f28b0db398011efeecf05fe570e5dd33","wss:\/\/relay.damus.io","mention"],["p","20986fb83e775d96d188ca5c9df10ce6d613e0eb7e5768a0f0b12b37cdac21b3","wss:\/\/relay.primal.net","mention"],["imeta","url https:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4","m video\/mp4","dim 384.0x848.0"],["imeta","url https:\/\/blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4","m video\/mp4","dim 384.0x848.0"],["imeta","url https:\/\/blossom.primal.net\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4","m video\/mp4","dim 384.0x848.0"]],"created_at":1777041374,"pubkey":"3129509e23d3a6125e1451a5912dbe01099e151726c4766b44e1ecb8c846f506","content":"Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, iOS users are not getting the full experience. \n\nThe reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually.\n\nI’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything.\nWhat works:\n\t•\tbunker:\/\/ and nostrconnect:\/\/ pairing (tested on some clients, works great with @YakiHonne and @Nostur \n\t•\tPer-client trust levels with per-kind overrides\n\t•\tFull NIP-46 method set (sign_event, nip04\/44 encrypt\/decrypt, etc)\n\t\nHeads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth.\n\nI’m looking for some help at this point. \n\nTesters. Use it, break it, tell me what’s confusing and which clients it chokes on.\n\nSecurity review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain\/NSE — please look at Shared\/LightCrypto.swift, LightSigner.swift, and the proxy registration flow.\n\nContributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing.\n\nUse a throwaway nsec only for now. Don’t be a hero.\n\nhttps:\/\/github.com\/DocNR\/clave\n\nReply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them. \n\n\nhttps:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4\nhttps:\/\/blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4\nhttps:\/\/blossom.primal.net\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4"} Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, iOS users are not getting the full experience. The reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually. I’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything. What works: • bunker:// and nostrconnect:// pairing (tested on some clients, works great with @YakiHonne and @Nostur • Per-client trust levels with per-kind overrides • Full NIP-46 method set (sign_event, nip04/44 encrypt/decrypt, etc) Heads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth. I’m looking for some help at this point. Testers. Use it, break it, tell me what’s confusing and which clients it chokes on. Security review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain/NSE — please look at Shared/LightCrypto.swift, LightSigner.swift, and the proxy registration flow. Contributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing. Use a throwaway nsec only for now. Don’t be a hero. https://github.com/DocNR/clave Reply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them. https://blossom.primal.net/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4 https://blossom.primal.net/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4 https://blossom.primal.net/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4
thread · root 9d2f0d88…1481 · depth 1 · · selected 9d2f0d88…1481
thread
root 9d2f0d88…1481 · depth 1 · · selected 9d2f0d88…1481
{"kind":1,"sig":"405e0f9335e698f7707d374805cbd614ac9ea5644542e56ac7e279c12087d7f54cfcf87ba541d3366cb2bff386ccd6acce3c2249108676cc02d1d38e4d143acd","id":"3dc7a9255a2b52362904c23631a1f24d52dd86f7714cadedd4cb043707624331","tags":[["p","9be0be0fc079548233231614e4e1efc9f28b0db398011efeecf05fe570e5dd33","wss:\/\/relay.damus.io","mention"],["p","20986fb83e775d96d188ca5c9df10ce6d613e0eb7e5768a0f0b12b37cdac21b3","wss:\/\/relay.primal.net","mention"],["imeta","urlhttps:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4","mvideo\/mp4","dim 384.0x848.0"],["imeta","urlhttps:\/\/blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4","mvideo\/mp4","dim 384.0x848.0"],["imeta","urlhttps:\/\/blossom.primal.net\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4","mvideo\/mp4","dim384.0x848.0"]],"created_at":1777041374,"pubkey":"3129509e23d3a6125e1451a5912dbe01099e151726c4766b44e1ecb8c846f506","content":"Took some time off from Nostr and when I came back was surprised that there were still no greatoptions for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or usingthrowaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibecoding going on, iOS users are not getting the full experience. \n\nThe reason why a signer doesn’t exist foriOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work.Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by AppStore review eventually.\n\nI’ve been working on a native iOS signer called Clave to fix this. APNs push wakes aNotification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Keynever leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything.\nWhatworks:\n\t•\tbunker:\/\/ and nostrconnect:\/\/ pairing (tested on some clients, works great with @YakiHonne and@Nostur \n\t•\tPer-client trust levels with per-kind overrides\n\t•\tFull NIP-46 method set (sign_event,nip04\/44 encrypt\/decrypt, etc)\n\t\nHeads up: push IS the signer, so notifications can’t be turned off — butI’ve routed them quietly to notification center, no banner spam for every auth.\n\nI’m looking for some help atthis point. \n\nTesters. Use it, break it, tell me what’s confusing and which clients it chokes on.\n\nSecurityreview. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I usedClaude to implement to spec and tested against known vectors, but I want real eyes on it before people trustthis with real keys. If you know NIP-44, NIP-46, or iOS Keychain\/NSE — please look atShared\/LightCrypto.swift, LightSigner.swift, and the proxy registration flow.\n\nContributors. MIT. Known gaps:multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build),self-hosting docs, more client testing.\n\nUse a throwaway nsec only for now. Don’t be ahero.\n\nhttps:\/\/github.com\/DocNR\/clave\n\nReply or DM if you’re interested in helping for a TestFlightinvite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it,break things, fix them.\n\n\nhttps:\/\/blossom.primal.net\/5dcd20532cdc37665a783d1cfc766cedb3d7e980c4d2c17499ca98d34a5d3e08.mp4\nhttps:\/\/blossom.primal.net\/c011ecf3d996daaa2a402e4355b5043b90b908a142e13bdd4b8994e3d7128be9.mp4\nhttps:\/\/blossom.primal.net\/bb4bb73e9f2ccef294c792ec5f01f71dff267a4f78943af1e947d9dacad05741.mp4"}
